The Serious Fraud Office (SFO) has been fined £180,000 by the Information Commissioner’s Office (ICO) after evidence from a high profile criminal investigation was returned to the wrong person.

The investigation related to allegations that senior executives at defense contractor BAE Systems had accepted bribes as part of an arms deal with Saudi Arabia.

After the case closed in February 2010, the SFO began sending all the evidence it had collected back to the rightful owners.

Around 20% of the 2000 evidence bags sent contained information on third parties, according to the ICO.

This included highly sensitive info such as bank statements showing payments made by BAE Systems to various individuals, hospital invoices, DVLA documents and passport details.

The Serious Fraud Office only began an investigation into what had gone wrong after a question was asked in parliament in June 2013.

To make matters worse, the witness in question had been sent the wrong evidence by a temporary worker who had no direct supervision and little training.

The evidence in question apparently related to 64 other people in the case.

The witness passed on the evidence to The Sunday Times, which ran several stories based on it.

“Anyone who provides information to a criminal investigation does not take this decision lightly and often does so at considerable risk to themselves. People will be quite rightly shocked that the Serious Fraud Office failed to keep the information of so many individuals connected to such a high-profile case secure,” said deputy commissioner, David Smith.

“Given how high-profile this case was, and how sensitive the evidence being returned to witnesses potentially was, it is astounding that the SFO got this wrong. This was an easily preventable breach that does not reflect well on the organization.”

Although the SFO has now retrieved 98% of the evidence that shouldn’t have been disclosed, Smith claimed law enforcement agencies everywhere should see the stiff £180,000 penalty as a warning “that their legal obligations to look after people’s information continue even after their investigation has concluded.”

Intralinks director, Todd Partridge, argued that to prevent this kind of issue happening in future, organizations need to focus on both the human and technical aspects.

“The first is to attempt to eliminate human error altogether, through training, procedures and protocols. It would appear that this is one line being taken by the SFO, and this is commendable, but humans will always make mistakes, so it’s not enough on its own,” he added.

“A second approach is to implement systems that enable a company to deal with errors. With technology advances and the development of the cloud, companies can now share and – more importantly – ‘unshare’ documents, shutting off access to them at the flick of a switch.”

Two former federal special agents have been charged with a string of offences after allegedly stealing bitcoins during their investigation into notorious online drugs marketplace the Silk Road.

The federal criminal complaint, unsealed on Monday in the Northern District of California, names the two men as members of the Baltimore Silk Road Task Force.

Carl M Force, 46, was a special agent in the Drug Enforcement Administration (DEA), while Shaun W Bridges, 32, was a special agent in the US Secret Service.

Force was tasked with establishing a line of communications with alleged Silk Road mastermind Ross Ulbricht, according to the Department of Justice.

But instead he allegedly created multiple new online personas, using them to receive bitcoins from targets of the investigation and then failing to report his receipt of them. Instead he’s said to have transferred the funds to his personal account.

The DoJ note continues:

“The complaint also alleges that Force invested in and worked for a digital currency exchange company while still working for the DEA, and that he directed the company to freeze a customer’s account with no legal basis to do so, then transferred the customer’s funds to his personal account. Further, Force allegedly sent an unauthorized Justice Department subpoena to an online payment service directing that it unfreeze his personal account.”

Bridges, meanwhile, is alleged to have transferred $800,000 in digital currency to a Mt Gox account before wiring it to a personal investment account just days before he sought a warrant to seize the accounts of the now defunct currency exchange.

“Both of the agents went through multiple steps to hide their transactions and activities and abused their authority throughout to work the system,” he added.

“Believing that the anonymity of bitcoin would cloak their activities, it was when they tried to convert those funds and move them into bank accounts, some offshore, that they were caught.”


Tue, 31 Mar 2015 09:56:00 GMT
http://www.infosecurity-magazine.com/news/silk-road-investigators-charged/

Beijing May Target Foreign Websites in New DDoS Campaign
http://www.infosecurity-magazine.com/news/beijing-target-foreign-websites/
Rights group claims Great Firewall is now imposing Chinese censorship on users globally

The recent large-scale DDoS attacks against GitHub and anti-censorship group Greatfire.org are likely to signal the start of a major new attack campaign by China against foreign internet sites, according to Greatfire.

Since its infrastructure was overwhelmed by a huge DDoS on 17 March, Greatfire.org has been relatively quiet, “gathering evidence and information to figure out who is responsible,” co-founder Charlie Smith told Infosecurity.

Now the group has released a blog post claiming the Chinese government was indeed behind the attacks on it and GitHub.

As reported by Infosecurity on Monday, the attackers replaced some Baidu Analytics JavaScript code with malicious script which loads the sites in question every two seconds, causing a denial of service.

Unlike previous attacks by the Great Firewall, this one effectively weaponized users outside China against sites based outside China.

“To mitigate the DDoS attack, we mirrored content on our GitHub repository and asked users to access that page directly. The attackers then switched their attack to our GitHub page,” wrote Smith.

“Based on the technical forensic evidence provided above and the detailed research that has been done on the GitHub attack, we can now confidently conclude that the Cyberspace Administration of China (CAC) is responsible for both of these attacks.”

Greatfire.org believes the CAC is ultimately responsible because injecting malicious code into passing traffic, as was required to launch the DDoS, can only be done on the Chinese internet backbone, which the government is effectively responsible for managing.

“Hijacking the computers of millions of innocent internet users around the world is particularly striking as it illustrates the utter disregard the Chinese authorities have for international as well as even Chinese internet governance norms,” Smith continued.

“There was no way for an average internet user to prevent themselves from being exploited as part of this attack.”

He claimed the Great Firewall – China’s fearsome censorship apparatus – has now transitioned from being a “passive, inbound filter” to an “active and aggressive outbound one” which could be a hugely destabilizing force.

“These attacks also illustrate the shortsighted nature of the Chinese authorities. Weaponizing Chinese internet services stifles global confidence in Chinese entrepreneurs and contributes to the fragmentation of the global internet,” said Smith.

“We correctly predicted last year that China would increase their use of MITM attacks in an effort to censor encrypted websites. We now sadly predict that the DDoS attacks against us and GitHub are likely to signal a ramping up of attacks against foreign internet properties. These kinds of attacks should draw scorn and criticism from government officials of all countries around the world.”


Tue, 31 Mar 2015 08:55:00 GMT
http://www.infosecurity-magazine.com/news/beijing-target-foreign-websites/

Google on the Hook for UK Lawsuits over Secret Tracking
http://www.infosecurity-magazine.com/news/google-uk-lawsuits-over-secret/
Google will be subject to suits over gathering personal data without user knowledge, including surfing habits, social class, race and ethnicity.

Consumers in the UK have been given the green light to sue Google over the use of secret cookies within Apple’s Safari browser.

Three judges in the country have rejected Google's Court of Appeal bid, which it brought after a high court decided that Google can be held accountable in the UK for alleged misuse of privacy settings in Safari.

A group known as Safari Users Against Google's Secret Tracking first raised the issue three years ago, and brought to light that Google routinely bypasses Safari privacy settings with sneaky code, in order to implant cookies unbeknownst to users. The idea is to track users as they traverse the web, serving up targeted ads. In the name of better marketing, Google has supposedly gathered a wealth of personal data without user knowledge, including surfing habits, social class, race and ethnicity.

Since then, the case has dragged through the British court system.

Google didn’t deny that it had implemented the scheme, but it tried to argue that it was exempt from paying damages because Safari users hadn't suffered any financial impact.

The Court of Appeal has now flatly disagreed, and said that the claims "concern what is alleged to have been the secret and blanket tracking and collation of information, often of an extremely private nature... about and associated with the claimants' internet use, and the subsequent use of that information for about nine months. The case relates to the anxiety and distress this intrusion upon autonomy has caused.”

Google has already paid the piper for this behavior in the United States. In 2012, the US Federal Trade Commission (FTC) ordered the Internet giant to pay a $22.5 million fine for illegal tracking. It has also paid out around $40 million in state-level lawsuits.

Dan Tench, a partner at law firm Olswang, which represents the group, told the Guardian that the landmark case would decide “whether British consumers actually have any right to hold Google to account in this country.”

He said: “This is the appropriate forum for this case—here in England where the consumers used the internet and where they have a right to privacy.”

Fresh from its anti-ISIS hacktivist operation, Anonymous is once again turning its attention to Israel, promising an “electronic Holocaust.”

For the third year in a row, the hacking collective is planning to assault hundreds of Israeli websites on or around April 7, which is the eve of Holocaust Remembrance Day. The group is protesting what it calls “segregationist Zionism.”

“As we did many times, we will take down your servers, government web sites, Israeli military websites and Israeli institutions,” the voiceover in a video posted by the group said. “We will erase you from cyberspace in our electronic Holocaust.”

In April 2013 and April 2014, the group launched a series of massive cyber-attacks against Israel in the name of Palestinian autonomy, claiming to have caused multi-billion dollar damage. Israel brushed this claim aside however, and said that there were no major disruptions in either attack.

“It’s not the first time this sort of campaign happened,” said Israel’s Institute for National Security Studies (INSS). “The last time (though) didn’t see any strategic attacks on critical infrastructure. There was the defacement of websites and sowing fear among Israeli citizens.”

It warns that this year the Anonymous splinter group AnonGhost will be carrying out the attacks. Daniel Cohen, of INSS’ Cyber Warfare program, said that Shi'ite Hezbollah and Sunni Hamas could be behind the attacks.

“These groups call themselves anonymous, but in reality the Op-Israel hackers responsible for the actions are mostly from the Middle East, with connections to our local conflict,” he noted, speaking to Israel’s national newspaper.

Anonymous’ #OpIsrael campaign goes back quite a ways, to at least 2012, when the Israeli government threatened to cut off the internet to the occupied Palestinian territory of Gaza.

“For far too long, Anonymous has stood by with the rest of the world and watched in despair the barbaric, brutal and despicable treatment of the Palestinian people in the so called ‘Occupied Territories’ by the Israel Defense Force,” it said at the time. “Like so many around the globe, we have felt helpless in the face of such implacable evil. And today’s insane attack and threatened invasion of Gaza was more of the same.”

Anonymous’ political allegiances in the Middle East are varied. It recently wrapped an #IceISIS campaign, claiming to have taken 800 Twitter accounts offline that were linked to the terrorist group.

The just-discovered Slack hack has reopened a familiar debate: when it comes to best practices, where does user responsibility end, and organizational preparedness begin?

Slack, which was started by Flickr founder Stewart Butterfield in 2013, is a chat app for businesses that replaces intra-office email. It’s on many levels an aggregator, and plugs into other services like Twitter, Skype, GitHub and Dropbox. Companies like eBay, Sony, Yelp and NBCUniversal all use it to get things done among teams. It also continues to work on its video and voice functions to expand user engagement with the app.

Slack said that an intrusion in February that lasted about four days allowed hackers to obtain access to user names, email addresses and passwords, and any other information that users may have optionally added to their profiles to integrate with other services, like Skype IDs and phone numbers. No financial or payment information was accessed or compromised.

The company characterized the breach as affecting a “very small number of Slack accounts,” but the lack of concrete information as to the purloined goods points out a significant security failing as far as one security expert is concerned.

“Now Slack users are left wondering if their personal information was stolen and how they might be affected,” said iboss Cybersecurity CEO Paul Martini, in an email. “This further highlights the need for all organizations—both startups and established companies—to invest in post–infection software that can quickly identify security breaches and prevent valuable data theft.”

One slice of daylight: the Slack passwords were hashed. “We have no indication that the hackers were able to decrypt stored passwords, as Slack uses a one-way encryption technique called hashing,” explained Anne Toth, vice president of policy and compliance strategy at Slack, in a website announcement. “[The] hashing function is bcrypt with a randomly generated salt per-password which makes it computationally infeasible that your password could be recreated from the hashed form.”
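The property Toth describes, a one-way hash with a random salt per password, is easy to see in code. The block below is an added example and not Slack's code; Slack's announcement names bcrypt, while this demo uses the standard library's PBKDF2-HMAC-SHA256 so it runs without third-party packages (the 200,000-iteration work factor and the `iterations$salt$digest` storage format are assumptions for the demo). It shows why a leaked table of such hashes does not hand an attacker the plaintext: verification recomputes the hash with the stored salt and compares, and two users with the same password get different stored values, so one precomputed table cannot be reused across accounts.

```python
import hashlib
import hmac
import os
from typing import Optional

# Added example, not Slack's code. PBKDF2-HMAC-SHA256 stands in for bcrypt
# so the script needs only the standard library; the salted, one-way
# property being demonstrated is the same.
ITERATIONS = 200_000  # assumed work factor for this demo
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'iterations$hexsalt$hexdigest'.

    A fresh random salt is drawn on every call unless one is supplied, so the
    same password stored for two users yields two different records.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the salt taken from the stored record.

    The plaintext is never recovered from the record; only the candidate
    password is hashed and compared, in constant time, against the digest.
    """
    iterations_s, salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256",
        password.encode("utf-8"),
        bytes.fromhex(salt_hex),
        int(iterations_s),
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def salts_differ(password: str) -> bool:
    """True when two independent hashes of one password do not collide.

    This is the per-password salt at work: a rainbow table built for one
    record is useless against the next, even for identical passwords.
    """
    return hash_password(password) != hash_password(password)


if __name__ == "__main__":
    # Constructed sample credential for the demo.
    record = hash_password("correct horse battery staple")
    print("stored record:", record)
    print("right password verifies:", verify_password("correct horse battery staple", record))
    print("wrong password verifies:", verify_password("Correct horse battery staple", record))
    print("same password, different records:", salts_differ("correct horse battery staple"))
```

The stored record carries its own salt and iteration count, which is what lets the work factor be raised later for new passwords without invalidating old records; bcrypt strings encode the same three pieces of information in their own format.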

Toth also said that Slack has since blocked the unauthorized access and has “made additional changes to our technical infrastructure” to prevent future incidents.

She went to lengths to demonstrate that the company has been proactive in dealing with the event.

“Since the compromised system was first discovered, we have been working 24 hours a day to methodically examine, rebuild and test each component of our system to ensure it is safe,” she said. “We are collaborating with outside experts to cross-check assumptions and ensure that we are meticulous in our approach. In addition we have notified law enforcement of this illegal intrusion.”

She added, “As soon as the evidence was uncovered, we started communication with the affected teams. The announcement was made as soon as we could confirm the details and as fast as we could type.”

In the wake of the incident, Slack has released two-factor authentication and a kill-switch. The password kill-switch for team owners allows for both instantaneous team-wide resetting of passwords and forced termination of all user sessions for all team members (which means that everyone is signed out of your Slack team in all apps on all devices).

Still, operating under the assumption that a breach will occur is an oversight. “Hat's off to the Slack team for apparently responding promptly and putting two-factor authentication in place,” said Muddu Sudhakar, CEO for Caspida, in an email. “However, what's not being discussed and can be more impactful is taking [a] more proactive stance on their cybersecurity.”

Sudhakar added, “When hacks like Slack’s come to light, there's a lot of emphasis on better hygiene approaches from the users—[that] they should have created more robust passwords, [or] not re-used the same password for multiple assets. [However], the bad guys inevitably get through the perimeter, as Slack found, [and] having processes and systems in place to quickly highlight the issues and facilitate investigations will help reduce the rate of compromises.”

The fraudster typically cold calls a victim pretending to be from their bank, police or another trusted organization before tricking them into handing over their card and PIN details or transferring money into a ‘safe account’ under their control, FFA UK warned.

Despite the rise in online banking and e-commerce fraud, total card fraud losses rose only a modest 6% to £479m.

FFA UK argued that this figure is still well short of the peak of £609.9m in 2008 and taken as a proportion of the value of purchases, has risen only slightly – from 7.4p in every £100 spent to 7.5p.

The total number of incidents rose by 5% to 1.3m in 2014, driven mainly by criminals using cards abroad.

Detective chief inspector Perry Stokes, head of the Dedicated Card and Payment Crime Unit (DCPCU), urged internet users to make sure their AV software is up-to-date, only shop on secure websites, and be suspicious of any unsolicited emails.

Cardholders were also advised to check their bank and card statements frequently to spot any unusual transactions.

Businesses, meanwhile, were urged to mitigate the risk of fraud by signing up to 3D Secure – the card companies’ secondary payment authentication system – as well as being suspicious of “high value or unusual orders.”

FFA UK also encouraged firms to sign up to the banking industry’s Address Verification Service – which compares delivery with billing address – and to keep a record of fraudulent transactions to prevent further breaches.

Tim Lansdale, head of payment security at Europe’s largest payment processor, Worldpay, explained that criminals always go for the low-hanging fruit, which currently means targeting consumers.

“Businesses have to be alert to this threat, ensuring they keep their wits about them. They should be extra cautious when taking payments over the phone and be on the lookout for transactions that seem unusual, such as asking for goods to be delivered to an address other than the one the card is registered to,” he told Infosecurity.

“Businesses will be responsible for the cost of the goods sold to fraudulent cards not to mention the damage to their reputation, something that can take years to repair.”

Stephen Moody, EMEA solutions director at anti-fraud firm ThreatMetrix, argued that passive multi-factor authentication is needed to add extra layers of security on top of user names and passwords.

“We have moved into an era where traditional identity data has already largely been compromised. User names and passwords are no longer a secure authentication method and organizations should not treat them as such,” he told Infosecurity by email.


Mon, 30 Mar 2015 13:30:00 GMT
http://www.infosecurity-magazine.com/news/uk-online-banking-fraud-jumps-50/

Aussie Government Red-Faced After Major G20 Privacy Breach
http://www.infosecurity-magazine.com/news/aussie-govt-redfaced-major-g20/
Personal information of 31 world leaders was emailed to the wrong person

The Australian immigration department has come under fire after it was revealed that a member of staff accidentally exposed the personal details of 31 world leaders attending last November’s G20 summit.

The hapless employee sent an email containing the information to the organizers of the Asian Cup football tournament, ahead of the Brisbane summit, according to The Guardian.

The breached information included names, dates of birth, passport numbers, and visa grant numbers, according to an urgent email sent from the country’s visa chief to the Australian privacy commissioner on 7 November, and obtained by the paper through an FoI request.

Barack Obama, Angela Merkel, Xi Jinping, David Cameron and Vladimir Putin were among the world leaders whose sensitive information was exposed. However, the Australian government controversially decided not to inform any of those affected.

“Given that the risks of the breach are considered very low and the actions that have been taken to limit the further distribution of the email, I do not consider it necessary to notify the clients of the breach,” the email noted.

The privacy gaffe apparently took place when an immigration department employee “failed to check that the auto-fill function in Microsoft Outlook had entered the correct person’s details into the email ‘To’ field.”

Tony Pepper, CEO of Egress Software Technologies, argued that the breach should have been disclosed immediately.

“Encryption solutions are available that enable multi-faceted authentication (ensuring only the correct recipient can access highly sensitive information) as well as the ability to restrict what a recipient can do with received information or, if the worst does happen, revoke that access altogether,” he added.

“Mistakes happen; it's a fact of life. Yet organizations need to ensure they give employees the right tools to work securely, while also providing a safety net should mistakes happen. Otherwise we will continue to see breaches of this kind.”

Egress made an FoI request of its own last December and found that in Q1 2014, a whopping 93% of data breach incidents reported to the UK’s ICO were down to human error and poor processes rather than technical failings.

Beijing is suspected of masterminding the largest DDoS attack in GitHub’s history – specifically targeted at two anti-censorship projects on the developer platform.

The attack began in the early hours of Thursday morning and involved a “wide combination of attack vectors,” GitHub said in a status note on Friday.

It added:

“These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content.”

This content apparently includes one part of GitHub run by anti-censorship body Greatfire.org, and another linking to the New York Times’ Chinese language website, which is banned inside the Great Firewall.

Writing on security forum Insight-labs, Chinese security blogger Anthr@x claimed the attackers are hijacking HTTP connections going into China and replacing some JavaScript files used by search engine Baidu for advertising and tracking with malicious ones.

These load the two GitHub pages every two seconds, causing the DDoS.

“In other words, even people outside China are being weaponized to target things the Chinese government does not like; for example, freedom of speech,” said Anthr@x.

As of Monday morning (BST) GitHub was still under attack. Its latest tweet reads: “The DDoS attack has evolved and we are working to mitigate.”

The attack comes just days after Beijing was linked to a high profile man-in-the-middle attack when one of its intermediate certificate authorities was caught by Google issuing rogue certificates, in contravention of all agreed industry rules.

It also comes over a week after Greatfire.org was itself hit with a massive DDoS, flooding its infrastructure with 2.6 billion requests an hour.

The anti-censorship body has been a vocal campaigner against China’s repressive subjugation of internet freedoms, mirroring many banned sites on its own cloud-based infrastructure in a project dubbed ‘collateral freedom’.

It seems the authorities are making a concerted bid to crush these attempts, with the main actor pegged as propaganda tsar Lu Wei, who is in charge of the Cyberspace Administration of China (CAC).

Dave Larson, CTO of Corero Network Security, explained that DDoS attacks increasingly evolve over one or two days, with attackers launching multiple waves to circumvent mitigation techniques.

“GitHub have done the right thing in keeping their users informed of the status of the attacks. But when the attackers are sufficiently motivated and have extensive resources, which is common when the perpetrators are powerful syndicates or state actors, as may be the case here, it is difficult to stay ahead of the attack if your response methodology relies on human analysts,” he added.

“With the growing power and sophistication of DDoS and other attacks aimed at service disruption, coupled with the increasing ease of launching attacks, every organization no matter how large or small can become a victim.”

Infosecurity has reached out to Greatfire.org and will update this story if we hear back.


Mon, 30 Mar 2015 09:48:00 GMT
http://www.infosecurity-magazine.com/news/massive-ddos-takes-out-antichina/

UN Creates Privacy Watchdog to Go After Government Surveillance Programs
http://www.infosecurity-magazine.com/news/un-creates-privacy-watchdog/
An expert will be tasked with investigating the privacy implications of member countries’ cyber-spying programs.

Nation-state cyber-spying and surveillance has been a hot-button issue ever since Edward Snowden began his series of leaks exposing the activities of several western governments. Now, the UN has gotten on board the privacy train by voting to create a special watchdog dedicated to the right to privacy in the digital age.

The UN’s Human Rights Council has moved to create a “Special Rapporteur" position, who will be tasked with investigating the privacy implications of member countries’ cyber-spying programs.

“The appointment of a UN expert on privacy in the digital age means that we now have someone to watch those that are watching us,” Eileen Donahoe, the director of global affairs at Human Rights Watch, said in a statement. “When everything you say or do can be intercepted, monitored or become the object of surveillance, it has a chilling effect on what people feel free to say, where they feel free to go and with whom they choose to meet.”

Brazil and Germany spearheaded the resolution. President Dilma Rousseff of Brazil raised the importance of privacy in the digital context at the UN General Assembly in 2013 following reports that both Rousseff and Chancellor Angela Merkel of Germany were victims of US espionage. Following Rousseff’s address, UN institutions actively pursued the topic, with two resolutions in the General Assembly, a high-level panel at the Human Rights Council, and a report by the then-UN high commissioner on human rights, Navi Pillay.

The new watchdog is focused on digital privacy and will also be responsible for issues in the offline world, such as the responsibilities of police officers when encountering suspects and businesses with their customers’ data.

“How privacy is protected online is one of the most pressing issues of our time,” Donahoe said. “Our hope is that the Human Rights Council resolution marks the beginning of a serious global reckoning with mass surveillance and its effects.”

An investigation from Symantec has exposed attackers who have been compromising users’ computers to add them to botnets, which are rented out to artificially inflate Twitch channel audience numbers.

Twitch, which allows members to live-stream their gameplay for popular online games such as DayZ and Minecraft, is big business: it has 100 million annual unique viewers, 1.5 million broadcasters and claims 16 billion monthly minutes streamed.

As Symantec researcher Lionel Payet explained in a blog, that kind of popularity allows some broadcasters to earn money while streaming their videos, provided that they have a large enough audience. If they have more than 500 viewers, they can incorporate ads, offer subscriptions in exchange for additional content and set up donation pages.

“While many broadcasters have managed to legitimately earn their viewers, others have attempted to artificially inflate their viewership figures by renting a botnet,” Payet said.

Symantec found several Twitch botnet services that were for sale both on underground forums and even on the open web; and many services offered a single application that could generate a huge number of fake Twitch channel viewers. One botnet service said that it could force each enslaved computer to open five streams on broadcasters’ Twitch channels, hidden and muted so that the computer’s owner is unaware that anything is amiss.

Another service offers “chatters,” which are bots that post messages in the chat section on broadcasters’ Twitch streams. Prices range from $29.99 for 100 viewers and 40 chatters to $159 for 1,000 viewers and 400 chatters.

While some botnets may include computers where the user has agreed to take part in the scam, “some of these botnets were created by infecting victims’ computers with malware,” noted Payet.

The malware, dubbed Inflabot, appears to disguise itself as a fake Chrome or Adobe software update and has mainly infected computers in Russia, the US, UK, and Ukraine.

As Twitch has solidified itself as one of the most popular sites on the web, it is increasingly the target of criminals. Earlier in the week it admitted that it was investigating a data breach. But there are other concerns too.

“Artificial audience inflation isn’t the only way that this emerging sector could be targeted,” said Payet. “Our previous research has shown how attackers hired distributed denial-of-service attacks to take competing gamers offline. This could also be used to target game stream broadcasters to disrupt their channels.”

Other existing malware could also be tailored to target this business and top broadcasters.

“For example, attackers could target well-known broadcasters with banking or information-stealing threats,” he added. “They could also use popular Twitch channels’ chat services to spread malware to the broadcasters’ fans.”

Fri, 27 Mar 2015 19:33:00 GMT
http://www.infosecurity-magazine.com/news/twitch-botnetsforhire-inflate/

Retail, Financial Sectors Team Up on Formal Info-Sharing
http://www.infosecurity-magazine.com/news/retail-financial-sectors-team/
They have created an intelligence-sharing portal that will link the two industries’ key players.

Retailers are throwing their cyber-hats in with the financial services community when it comes to information-sharing, with the establishment of an intelligence-sharing portal that will link the two industries’ key players.

To make it happen, the Retail Cyber Intelligence Sharing Center (R-CISC) has launched the portal, which is managed by the Financial Services Information Sharing and Analysis Center (FS-ISAC).

"The formalization of the sharing portal supported by the FS-ISAC is an important step in the evolution of retail cyber threat information sharing," said R-CISC executive director Brian Engle. "The R-CISC portal will substantially increase the efficacy of the information-sharing already underway by contextualizing, prioritizing and cataloging the information shared between retailers, other industries and law enforcement."

The relationship with FS-ISAC also paves the way for future collaborations, including use of Soltra Edge, the automated threat indicator sharing software platform used by financial companies.

The collaboration fits into an overall end goal of creating a federation of standards-based repositories at various critical infrastructure entities, including ISACs, CERTs, industry associations and many others that will act as hubs, creating trusted environments where member firms can securely share cyber threat intelligence. This is the vision laid out by President Obama in his last security-related Executive Order.

The launch of the Intelligence Sharing Portal is one of several tools that the R-CISC is developing, which will also encompass robust education and research offerings, it said.

"FS-ISAC is proud to support R-CISC as it delivers on its core mission of information-sharing and enabling retail organizations around the world [to] improve their cybersecurity posture and resilience," said Bill Nelson, FS-ISAC president and CEO. "FS-ISAC continually looks to innovate how information is shared, analyzed and disseminated. We believe there is tremendous potential both for intra-sector and cross-sector sharing and we look forward to sharing our expertise to help enable these new ways of collaborating."